Computers and Electronics, Encryption, Hacking and Penetration Testing

Computers and Electronics

Encryption

Hacking

Penetration Testing

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Security Affairs

OCTOBER 17, 2018

At a first sight, the office document had an encrypted content available on OleObj.1 Those objects are real Encrypted Ole Objects where the Encrypted payload sits on “EncryptedPackage” section and information on how to decrypt it are available on “EncryptionInfo” xml descriptor. Stage1: Encrypted Content.

Malware

Malware Computers and Electronics Encryption Penetration Testing

Step By Step Office Dropper Dissection

Security Affairs

APRIL 5, 2019

From the recorded traffic it’s possible to see the following patterns: a HTTP GET request with some encrypted information to download plugin/additional stages and finally a HTTP POST to send victim’s data directly on the “attacker side”. The used variable holds a Base64 representation of encrypted data.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Encryption

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Is Emotet gang targeting companies with external SOC?

Security Affairs

OCTOBER 14, 2019

AV and plenty static traffic signatures confirm we are facing a new encrypted version of Emotet trojan. I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna. Conclusion. MITRE ATT&CK.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Advertising

OilRig APT group: the evolution of attack techniques over time

Security Affairs

AUGUST 7, 2019

They begun development by introducing crafted communication protocol over DNS and later they added, to such a layer, encoding and encryption self build protocols. I am a computer security scientist with an intensive hacking background. About the author: Marco Ramilli, Founder of Yoroi.

Computers and Electronics

Computers and Electronics Penetration Testing DNS Phishing

Crimeware and financial cyberthreats in 2023

SecureList

NOVEMBER 22, 2022

More cryptocurrency-related threats: fake hardware wallets, smart contract attacks, DeFi hacks, and more. Since the start of 2022, cybercriminals have stolen $3 billion from DeFi protocols , with 125 crypto hacks in total. At this rate, 2022 will likely surpass 2021 as the biggest year for hacking on record.

Cryptocurrency

Cryptocurrency Mobile Ransomware Banking

Malware researcher reverse engineered a threat that went undetected for at least 2 years

Security Affairs

AUGUST 20, 2018

In this stage the JavaScript is loading an encrypted content from the original JAR, using a KEY decrypts such a content and finally loads it (Dynamic Class Loader) on memory in order to fire it up as a new Java code. I am a computer security scientist with an intensive hacking background.

Engineering

Engineering Malware Computers and Electronics Penetration Testing

Frequent VBA Macros used in Office Malware

Security Affairs

OCTOBER 1, 2019

Many analyses over the past few years taught that attackers love re-used code and they prefer to modify, obfuscate and finally encrypt already known code rather than writing from scratch new “attacking modules”. I am a computer security scientist with an intensive hacking background.

Malware

Malware Computers and Electronics Penetration Testing Cyber Attacks

Attack of drones: airborne cybersecurity nightmare

Security Affairs

DECEMBER 2, 2022

Drones currently occupy a unique legal position as they are classified as both aircraft and networked computing devices. and that Wi-Fi or Radio Frequency (RF) signals used by drone platforms are properly encrypted against eavesdropping or manipulation. Market overview. free from obstacles, sparsely populated, etc.) Dronesploit.

Cybersecurity

Cybersecurity Wireless Computers and Electronics Penetration Testing

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. Kennedy founded cybersecurity-focused TrustedSec and Binary Defense Systems and co-authored Metasploit: The Penetration Tester’s Guide. — Dave Kennedy (@HackingDave) July 15, 2020.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

Security Affairs

AUGUST 31, 2018

Now I was able to see encrypted URLs coming from infected hosts. Among many URLs the analyst was able to figure out a “test” connection from the Attacker and focus to decrypt such a connection. I am a computer security scientist with an intensive hacking background. The post Hacking The Hacker.

Hacking

Hacking Computers and Electronics Penetration Testing Engineering

The ‘MartyMcFly’ investigation: Italian naval industry under attack

Security Affairs

NOVEMBER 14, 2018

The SSL certificate has been released by the “cPanel, Inc“ CA and is valid since 16th August 2018; this encryption certificate is likely related to the previously discussed HTTP 301 redirection due to the common name “ CN=wvpznpgahbtoobu.usa.cc ” found in the Issuer field. SSL Certificate details “wvpznpgahbtoobu.usa.cc”.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Phishing

Is APT27 Abusing COVID-19 To Attack People ?!

Security Affairs

MARCH 19, 2020

The following VBScript is run through cscript.exe, It’s an obfuscated and xor-encrypted payload. The encryption is performed by a simple xor having as key the single byte 0 while the encoding procedure is a multi conversion routine which could be summarized as follows: chr(asc(chr(“&h”&mid(x,y,2)))).

Computers and Electronics

Computers and Electronics Penetration Testing Malware Cyber Attacks

Iran-linked APT34: Analyzing the webmask project

Security Affairs

APRIL 23, 2019

Then a well-known Haproxy is used as High Availability service for assuring connections and finally certbot (Let’s Encrypt) is used to give valid certificate to squid3 (but it’s not a mandatory neither a suggested step). I am a computer security scientist with an intensive hacking background. DNS Server scripts.

DNS

DNS Computers and Electronics Penetration Testing Government

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Cyber Security Informer

MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry

Step By Step Office Dropper Dissection

Trending Sources

Is Emotet gang targeting companies with external SOC?

OilRig APT group: the evolution of attack techniques over time

Crimeware and financial cyberthreats in 2023

Malware researcher reverse engineered a threat that went undetected for at least 2 years

Frequent VBA Macros used in Office Malware

Attack of drones: airborne cybersecurity nightmare

Top Cybersecurity Accounts to Follow on Twitter

Hacking The Hacker. Stopping a big botnet targeting USA, Canada and Italy

The ‘MartyMcFly’ investigation: Italian naval industry under attack

Is APT27 Abusing COVID-19 To Attack People ?!

Iran-linked APT34: Analyzing the webmask project

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Stay Connected